On Fri, 2017-08-18 at 10:04 -0700, Ram Pai wrote:

Assume two threads of a task.

T1:  mprotect_key(foo, PAGE_SIZE, pkey=4);
T1:  set AMR to disable access for pkey 4;
T1:  key fault
    T2: set AMR to enable access to pkey 4;
T1:  fault handler called.
        This fault handler will see the new AMR and not the
        one at the time of the fault.

You aren't context switching AMR with the threads ? Ugh... something is
very wrong then.

Ben.